Short: Windows 7 RTM auto-elevate white list
I received a bunch requests to update the auto-elevate list from May, so here it is. There’s no change from the RC list.
- \Windows\ehome\Mcx2Prov.exe
- \Windows\System32\AdapterTroubleshooter.exe
- \Windows\System32\appinfo.dll
- \Windows\System32\BitLockerWizardElev.exe
- \Windows\System32\bthudtask.exe
- \Windows\System32\chkntfs.exe
- \Windows\System32\cleanmgr.exe
- \Windows\System32\cliconfg.exe
- \Windows\System32\CompMgmtLauncher.exe
- \Windows\System32\ComputerDefaults.exe
- \Windows\System32\dccw.exe
- \Windows\System32\dcomcnfg.exe
- \Windows\System32\DeviceEject.exe
- \Windows\System32\DeviceProperties.exe
- \Windows\System32\dfrgui.exe
- \Windows\System32\djoin.exe
- \Windows\System32\eudcedit.exe
- \Windows\System32\eventvwr.exe
- \Windows\System32\fsquirt.exe
- \Windows\System32\FXSUNATD.exe
- \Windows\System32\hdwwiz.exe
- \Windows\System32\ieUnatt.exe
- \Windows\System32\iscsicli.exe
- \Windows\System32\iscsicpl.exe
- \Windows\System32\lpksetup.exe
- \Windows\System32\MdSched.exe
- \Windows\System32\msconfig.exe
- \Windows\System32\msdt.exe
- \Windows\System32\msra.exe
- \Windows\System32\MultiDigiMon.exe
- \Windows\System32\Netplwiz.exe
- \Windows\System32\newdev.exe
- \Windows\System32\ntprint.exe
- \Windows\System32\ocsetup.exe
- \Windows\System32\odbcad32.exe
- \Windows\System32\OptionalFeatures.exe
- \Windows\System32\perfmon.exe
- \Windows\System32\printui.exe
- \Windows\System32\rdpshell.exe
- \Windows\System32\recdisc.exe
- \Windows\System32\rrinstaller.exe
- \Windows\System32\rstrui.exe
- \Windows\System32\sdbinst.exe
- \Windows\System32\sdclt.exe
- \Windows\System32\shrpubw.exe
- \Windows\System32\slui.exe
- \Windows\System32\SndVol.exe
- \Windows\System32\spinstall.exe
- \Windows\System32\SystemPropertiesAdvanced.exe
- \Windows\System32\SystemPropertiesComputerName.exe
- \Windows\System32\SystemPropertiesDataExecutionPrevention.exe
- \Windows\System32\SystemPropertiesHardware.exe
- \Windows\System32\SystemPropertiesPerformance.exe
- \Windows\System32\SystemPropertiesProtection.exe
- \Windows\System32\SystemPropertiesRemote.exe
- \Windows\System32\taskmgr.exe
- \Windows\System32\tcmsetup.exe
- \Windows\System32\TpmInit.exe
- \Windows\System32\verifier.exe
- \Windows\System32\wisptis.exe
- \Windows\System32\wusa.exe
- \Windows\System32\DriverStore\FileRepository\bth.inf_amd64_neutral_a1e8f56d586ec10b\fsquirt.exe
- \Windows\System32\oobe\setupsqm.exe
- \Windows\System32\sysprep\sysprep.exe
nice how msconfig is on the list, then you can go to tools and run an admin cmd prompt without any uac prompt
child processes need to check uac imo
spud’s right…there should have been a distinction between user-approved elevation and auto-elevation. User-approved elevated processes should be allowed to spawn child processes without a UAC prompt, while auto-elevated processes should trigger a UAC prompt when they try to spawn child processes.
Same deal with regedit… msconfig is way too powerful (especially the access from the tools tab) to be allowed that kind of elevation.
This should not come as a surprise, we all know the 7 UAC was tweaked bcuz of the Vista bitching, for people that care about security, just turn UAC all the way up.
@asf
I agree. Turn up UAC back to the Vista levels and have peace of mind.
I Ran trouble shooting because I cannot seem to reinstall Windows XP. I now have Windows 7. My issue is now It states that C:/ Windows/ System32/ msdt.exe is missing. What do I do to fix it? and Go back to Windows XP? Let me know.